<?php
require_once(dirname(__FILE__).'/config.php');

if(!$cfg_ml->IsLogin())
	{
		include_once(dirname(__FILE__)."/templets/index-notlogin.htm");
	}


if($dopost=='')
{

	 
$sql = "select * from #@__member where mid='".$cfg_ml->M_ID."'";
$dsql->SetQuery($sql);
$dsql->Execute();
$row = $dsql->GetArray();
        $dpl = new DedeTemplate();
		$tpl = dirname(__FILE__)."/templets/edit_pwd.htm";
		$dpl->LoadTemplate($tpl);
		$dpl->display();
		
}
/*------------------------
function __Save()
------------------------*/
if($dopost=='save'){
	
	$oldpwd=$oldPasswd;
	$userpwd=$newPasswd;
	$userpwdok=$rePasswd;
	
    $pwd2=(empty($pwd2))? "" : $pwd2;
    $row=$dsql->GetOne("select  * from `#@__member` where mid='".$cfg_ml->M_ID."'");

    if(!is_array($row) || $row['pwd']!=md5($oldpwd))
	{
		ShowMsg('你输入的旧密码错误，不允许修改！','-1');
		exit();
	}
	if($userpwd!=$userpwdok)
	{
		ShowMsg('你两次输入的新密码不一致！','-1');
		exit();
	}
	if($userpwd=='')
	{
		$pwd = $row['pwd'];
	}
	else
	{
		$pwd = md5($userpwd);
		$pwd2 = substr(md5($userpwd),5,20);
	}
	
	
		$inquery = "Update `#@__member` set pwd='$pwd' where mid='".$cfg_ml->M_ID."'";
		if(!$dsql->ExecuteNoneQuery($inquery))
		{
			$gerr = $dsql->GetError();
			ShowMsg("更新会员表出错<br>error:{$gerr}，请联系管理员！","javascript:;");
			exit();
		}
		else{
			
			
			//如果是管理员，修改其后台密码
	if($row['mid']=='1' && $pwd2!="" && $cfg_ml->M_ID=='1')
	{
		$query2 = "Update `#@__admin` set pwd='$pwd2' where id='".$cfg_ml->M_ID."' ";
		$dsql->ExecuteNoneQuery($query2);
	}
	  ShowMsg('成功修改你的密码！','edit_pwd.php',0,5000);
	    exit();
		}
}
?>